Manage Passwords and Keep Your Sanity

In life, I wear many hats.

I am a Software Engineer, so I know what leaps we have to go through to keep your data safe, when it’s on our servers.  We do our best to keep things simple for you, but we can’t do it all.  As such, having a good password is what we expect of you.  Doing this keeps us, and you safe(er) from data breaches.

But, it would seem you’re not keeping your end of the bargain:

So what makes a good password?  Longer is better.  Multiple types of characters (letters, digits, special characters, etc.) are better. Not based on a dictionary word. So on, and so forth.  What are you left with.  Phrases that are unrecognizable as ‘human’.

I am also a consumer.  Setting different passwords for each account is also recommended, as a breach on one won’t lead to a breach of another.  But who has time to generate (and remember) these complex password for every site one visits?

I feel the pain on both sides of the equation.  Passwords suck!

I am also an open-source advocate (some might even say zealot).  So until the boffins in the lab come up with something better than passwords, I can heartily recommend KeePass Password Safe.  This is a nifty bit of open-source software that will help you manage your passwords.  You can run it pretty much everywhere you can run software.  It saves your passwords to an encrypted file, and helps you generate strong, complex passwords.  When you need to use them, just copy-paste them from the KeePass application to your browser or other application.

Go forth and continue to enjoy your computing experience, but help keep us all safe by using strong passwords.  Using KeePass will help you keep them strong and unique and best of all, maintain your sanity.  Just don’t lose that password file!


Tags: , , ,

2 responses to “Manage Passwords and Keep Your Sanity”

  1. Dejan Savic says :

    Hey Chris,

    I find this approach not very practical. I guess as safe backup of all of your passwords I would use it. I am mostly advocate of complex long passwords but with some pattern known only by you.

    for example:

    significant number + variation on name of website (service) + last three letters of the web site in capital + some spec char or set of them

    In this way or some variation you are making long, not easy to guess pass that you can remember.

    The only issue is when someone figures pattern :) you are done for all your passwords, so a bit of randomness should be added here and there.

    You can always use pass backup software, as we know with years things are becoming much more difficult to remember :)

    • ccollins says :

      Yeah, that’s a method that more then one person has suggested. Whatever works for you.

      I haven’t seen an analysis of the security of such an approach though. It might be worthwhile sending a few of these passwords though a strength checker just to see how long they would take to crack. Just make sure you use an offline one.

%d bloggers like this: